# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=hostapd
pkgver=2.9
pkgrel=2
pkgdesc="daemon for wireless software access points"
url="https://w1.fi/hostapd/"
arch="all"
license="custom"
makedepends="openssl-dev libnl3-dev linux-headers"
subpackages="$pkgname-doc $pkgname-openrc"
source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
	$pkgname.initd
	$pkgname.confd
	CVE-2019-16275.patch
	0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
	0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
	0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
	"
options="!check" #no testsuite
builddir="$srcdir"/$pkgname-$pkgver/hostapd

# secfixes:
#   2.9-r2:
#     - CVE-2020-12695
#   2.9-r1:
#     - CVE-2019-16275
#   2.8-r0:
#     - CVE-2019-11555
#     - CVE-2019-9496
#   2.7-r0:
#     - CVE-2017-13082
#   2.6-r2:
#     - CVE-2017-13077
#     - CVE-2017-13078
#     - CVE-2017-13079
#     - CVE-2017-13080
#     - CVE-2017-13081
#     - CVE-2017-13082
#     - CVE-2017-13086
#     - CVE-2017-13087
#     - CVE-2017-13088

prepare() {
	local conf="$builddir/.config"

	# This is required because our builddir is the hostapd/ directory
	# inside the extracted archive, while patches mostly apply against
	# the src/ directory that is in the same directory as the hostapd/
	# one is
	cd "$builddir"/..
	for i in "$srcdir"/*.patch; do
		msg "Applying $i..."
		patch -p1 -i $i
	done

	cd "$builddir"
	sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \
		hostapd.conf

	# toolchain setup
	sed \
		-e '/^#CONFIG_DRIVER_NL80211=y/s/^#//' \
		-e '/^#CONFIG_RADIUS_SERVER=y/s/^#//' \
		-e '/^#CONFIG_DRIVER_WIRED=y/s/^#//' \
		-e '/^#CONFIG_DRIVER_NONE=y/s/^#//' \
		-e '/^#CONFIG_IEEE80211N=y/s/^#//' \
		-e '/^#CONFIG_IEEE80211R=y/s/^#//' \
		-e '/^#CONFIG_IEEE80211AC=y/s/^#//' \
		-e '/^#CONFIG_FULL_DYNAMIC_VLAN=y/s/^#//' \
		-e '/^#CONFIG_LIBNL32=y/s/^#//' \
		-e '/^#CONFIG_ACS=y/s/^#//' \
		defconfig >> .config
	echo "CC ?= ${CC:-gcc}" >> .config
	echo "CFLAGS += -I/usr/include/libnl3" >> .config
	echo "LIBS += -L/usr/lib" >> .config
}

build() {
	cd "$builddir"
	make
	msg "nt_password_hash"
	make nt_password_hash
}

package() {
	cd "$builddir"
	install -d "$pkgdir"/etc/hostapd
	install hostapd.conf hostapd.accept hostapd.deny hostapd.eap_user \
		hostapd.radius_clients hostapd.sim_db hostapd.wpa_psk \
		"$pkgdir"/etc/hostapd/

	install -Dm755 hostapd "$pkgdir"/usr/sbin/hostapd \
		&& install -Dm755 hostapd_cli "$pkgdir"/usr/bin/hostapd_cli \
		&& install -Dm755 nt_password_hash \
			"$pkgdir"/usr/bin/nt_password_hash \
		&& install -Dm755 "$srcdir"/hostapd.initd \
			"$pkgdir"/etc/init.d/hostapd \
		&& install -Dm644 "$srcdir"/hostapd.confd \
			"$pkgdir"/etc/conf.d/hostapd \
		&& install -Dm644 hostapd.8 \
			"$pkgdir"/usr/share/man/man8/hostapd.8 \
		&& install -Dm644 hostapd_cli.1 \
			"$pkgdir"/usr/share/man/man1/hostapd_cli
}
sha512sums="66c729380152db18b64520bda55dfa00af3b0264f97b5de100b81a46e2593571626c4bdcf900f0988ea2131e30bc8788f75d8489dd1f57e37fd56e8098e48a9c  hostapd-2.9.tar.gz
b54b7c6aa17e5cb86a9b354a516eb2dbefb544df18471339c61d82776de447011a2ac290bea1e6c8beae4b6cebefafb8174683ea42fb773e9e8fe6c679f33ba3  hostapd.initd
0882263bbd7c0b05bf51f51d66e11a23a0b8ca7da2a3b8a30166d2c5f044c0c134e6bccb1d02c9e81819ca8fb0c0fb55c7121a08fe7233ccaa73ff8ab9a238fe  hostapd.confd
63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38  CVE-2019-16275.patch
b76bbca282a74ef16c0303e5dbd2ccd33a62461595964d52c1481b0bfa4f41deacde56830b85409b288803b87ceb6f33cf0ccc69c5b17ec632c2d4784b872f3c  0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
00cc739e78c42353a555c0de2f29defecff372927040e14407a231d1ead7ff32a37c9fd46bea7cdf1c24e3ac891bc3d483800d44fc6d2c8a12d2ae886523b12c  0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
69243af20cdcfa837c51917a3723779f4825e11436fb83311355b4ffe8f7a4b7a5747a976f7bf923038c410c9e9055b13b866d9a396913ad08bdec3a70e9f6e0  0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"
